DentaQuest data breach exposed info of 2.6 million accounts
A data breach at DentaQuest, a major dental benefits administrator in the U. S. , exposed sensitive information from 2. 6 million accounts. The breach was publicly disclosed after the extortion group ShinyHunters leaked over 234 GB of stolen data following failed ransom negotiations. Exposed data includes email addresses, full names, phone numbers, government-issued IDs, health insurance information, genders, and dates of birth. DentaQuest confirmed unauthorized access to a limited portion of its network but stated that its systems remain operational with limited disruption. Approximately 66% of the leaked records were already known from previous breaches. The incident increases risks of phishing and social engineering attacks against affected individuals. No specific patch or remediation details were provided by the vendor, and the breach appears to be under active investigation with external experts engaged.
AI Analysis
Technical Summary
The DentaQuest data breach involved unauthorized access to a limited segment of the company's network, resulting in the exposure of sensitive personal and health-related information for 2.6 million accounts. The breach was publicly disclosed after the extortion group ShinyHunters leaked the data following unsuccessful ransom demands. The compromised data includes personally identifiable information such as full names, email addresses, phone numbers, government IDs, health insurance details, genders, and birth dates. DentaQuest confirmed the incident and stated that immediate containment and mitigation actions were taken, with external experts assisting the investigation. The breach affects a significant portion of DentaQuest's customer base, which serves 35 million people across the United States. No patch or technical remediation was mentioned, as this is a data breach incident rather than a software vulnerability. The leaked data overlaps with previously known breached records, indicating some data may have been exposed before.
Potential Impact
The breach exposed sensitive personal and health insurance information of 2.6 million DentaQuest accounts, increasing the risk of identity theft, fraud, and targeted phishing or social engineering attacks against affected individuals. The exposure of government-issued IDs and health insurance data is particularly sensitive and may lead to significant privacy and financial harm. Although DentaQuest reported limited disruption to services, the reputational damage and potential regulatory consequences could be substantial. The presence of previously known breached data in the leak suggests some users may have been impacted by multiple incidents.
Mitigation Recommendations
DentaQuest has confirmed the breach and stated that immediate actions were taken to secure the environment, contain the attack, and mitigate the threat. External cybersecurity experts are engaged in the investigation. No specific patch or remediation is applicable as this is a data breach incident. Affected individuals should be alerted to exercise caution with unsolicited communications to avoid phishing and social engineering attacks. Organizations and individuals should monitor for suspicious activity related to the exposed data. Patch status is not applicable; check DentaQuest advisories for updates on incident response and remediation.
DentaQuest data breach exposed info of 2.6 million accounts
Description
A data breach at DentaQuest, a major dental benefits administrator in the U. S. , exposed sensitive information from 2. 6 million accounts. The breach was publicly disclosed after the extortion group ShinyHunters leaked over 234 GB of stolen data following failed ransom negotiations. Exposed data includes email addresses, full names, phone numbers, government-issued IDs, health insurance information, genders, and dates of birth. DentaQuest confirmed unauthorized access to a limited portion of its network but stated that its systems remain operational with limited disruption. Approximately 66% of the leaked records were already known from previous breaches. The incident increases risks of phishing and social engineering attacks against affected individuals. No specific patch or remediation details were provided by the vendor, and the breach appears to be under active investigation with external experts engaged.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The DentaQuest data breach involved unauthorized access to a limited segment of the company's network, resulting in the exposure of sensitive personal and health-related information for 2.6 million accounts. The breach was publicly disclosed after the extortion group ShinyHunters leaked the data following unsuccessful ransom demands. The compromised data includes personally identifiable information such as full names, email addresses, phone numbers, government IDs, health insurance details, genders, and birth dates. DentaQuest confirmed the incident and stated that immediate containment and mitigation actions were taken, with external experts assisting the investigation. The breach affects a significant portion of DentaQuest's customer base, which serves 35 million people across the United States. No patch or technical remediation was mentioned, as this is a data breach incident rather than a software vulnerability. The leaked data overlaps with previously known breached records, indicating some data may have been exposed before.
Potential Impact
The breach exposed sensitive personal and health insurance information of 2.6 million DentaQuest accounts, increasing the risk of identity theft, fraud, and targeted phishing or social engineering attacks against affected individuals. The exposure of government-issued IDs and health insurance data is particularly sensitive and may lead to significant privacy and financial harm. Although DentaQuest reported limited disruption to services, the reputational damage and potential regulatory consequences could be substantial. The presence of previously known breached data in the leak suggests some users may have been impacted by multiple incidents.
Mitigation Recommendations
DentaQuest has confirmed the breach and stated that immediate actions were taken to secure the environment, contain the attack, and mitigate the threat. External cybersecurity experts are engaged in the investigation. No specific patch or remediation is applicable as this is a data breach incident. Affected individuals should be alerted to exercise caution with unsolicited communications to avoid phishing and social engineering attacks. Organizations and individuals should monitor for suspicious activity related to the exposed data. Patch status is not applicable; check DentaQuest advisories for updates on incident response and remediation.
Technical Details
- Article Source
- {"url":"https://www.bleepingcomputer.com/news/security/dentaquest-data-breach-exposed-info-of-26-million-accounts/","fetched":true,"fetchedAt":"2026-06-04T18:48:37.165Z","wordCount":677}
Threat ID: 6a21c885e29bf47b50c3ee4c
Added to database: 6/4/2026, 6:48:37 PM
Last enriched: 6/4/2026, 6:48:43 PM
Last updated: 6/4/2026, 8:11:39 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.